<?php
	require('../_db.php');
	
	if (!isset($_POST['fb_id']) ||
	!is_numeric($_POST['fb_id']) ||
	!isset($_POST['fb_name']) ||
	!isset($_POST['fb_gender']) ||
	!isset($_POST['fb_friend_id']) ||
	!is_numeric($_POST['fb_friend_id']) ||
	!isset($_POST['fb_friend_name'])) exit(-1);
	
	$_POST['fb_name'] = mysql_real_escape_string($_POST['fb_name']);
	$_POST['fb_friend_name'] = mysql_real_escape_string($_POST['fb_friend_name']);
	$_POST['fb_gender'] = mysql_real_escape_string($_POST['fb_gender']);
	
	// enter database info
	if (!isset($_SESSION['recomandareid']))
	{
		$q = " INSERT INTO recomandari (`fb_id`, `fb_name`, `fb_friend_id`, `fb_friend_name`, `fb_gender`)
		VALUES ('".$_POST['fb_id']."', '".$_POST['fb_name']."', '".$_POST['fb_friend_id']."', '".$_POST['fb_friend_name']."', '".$_POST['fb_gender']."') ";
		if ($ok = mysql_query($q))
		{
			$_SESSION['recomandareid'] = mysql_insert_id();
			echo $_SESSION['recomandareid'];
		}
		else echo -1;
	}
	